Privacy & Cookie Policy

I take your data protection very seriously and only gather the information I need to give you the best possible service, as well as the best experience on my website. I DO NOT give any data to third parties for marketing purposes. I do not sell data. I do not share data unless compelled to do so by law.

Who I am

What personal data I collect and why I collect it

I collect the personal information you give me when you complete my online contact form. This includes name, email address, phone number & your query. I collect this information so that I can contact you to respond to your query. The lawful basis for processing this data is ‘consent’: You have given me clear consent to process your personal data for the specific purpose of submitting a query or booking via my website form.

Should you contact me by phone, letter or other contact method, with an enquiry or booking, the same lawful basis of ‘consent’ applies. You have given me clear consent to process your personal data for the specific purpose of responding to your query or providing you with a service.

I also use the lawful basis of ‘legitimate interest’. I collect your data in order to supply you with the information or service you have requested.

What technical data I collect and why I collect it

In order to keep my website well optimised for users, I collect technical data. This may include third party plugins collecting technical data in order to keep their services running optimally. I use Google Analytics in order to optimise user experience on my website. This can include data such as the pages you visit, time spend on each page, your general location, browser, etc. Google has its own GDPR information which you can view on Google’s website. I store Google Analytics data (on Google Analytics) indefinitely. You can choose not to be tracked by changing your browser settings, for example, going ‘incognito’ or ‘private’, or amending your Cookie settings. Please see the Cookies section below for information about Cookies.

What payment data is collected

Payment is by BACs, therefore no payment data is taken or stored.

How I store your data & how long I retain your data

Your data is held in my email accounts. The data that is kept is used to enable me to provide you with the information, help or service you requested. Data is deleted once your query has been dealt with, unless it is likely that further information or relevant services will be given in the future, or if it is needed for accounts purposes.

Technical data and website analytical data is kept on Google Analytics and is kept indefinitely.

Who I share your data with

There is very limited access to your data. I do not share your data with any third parties for marketing purposes. My accountant has access to the information which is necessary for them to prepare my accounts. They are subject to a duty of confidentiality. My website developers are With Hindsite Ltd. They have potential access to website form content. You can see their Privacy Policy here. My website is hosted with siteground.com. You can see their Privacy Policy here.

What rights you have over your data

Under the GDPR your rights are as follows:

the right to be informed

the right of access

the right to rectification

the right to erasure

the right to restrict processing

the right to data portability

the right to object

the right to withdraw consent

To summarise, you can contact me to see what personal data I store about you and how I use it and store it. You can request for any of your details to be changed or removed. If you would like to implement any of the rights above, please contact me. You can read more about your rights in detail here.

You can request to receive a copy of the personal data I hold about you, including any data you have provided me with. You can also request that I erase any personal data I hold about you. This does not include any data I am obliged to keep for administrative, legal, or security purposes.

Additional information

My website is SSL secure (https).

Cookies

Contact information

What data breach procedures I have in place

Should I ever be made aware of a data breach, I will inform all affected people. I will also inform the ICO (Information Commissioner’s Office) within the specified 72 hours, if it is likely that there will be a risk to people’s rights and freedoms, for example, if personal data has been stolen or passed on to an unauthorised party.